The small firm’s and road warrior’s dilemma. Solution: Step 1 – a VPN.

September 15, 2007 by

I work with a lot of individuals and small companies, companies ranging in size from 1-20 people. Many of the companies are consulting companies in various industries. Oftentimes the companies do not have much in common except that they are relatively small. What they do have in common, however, is their need for computer and network support. Because they are consulting companies many of them work for different clients in different places and rarely work from their own offices. Working from remote offices means they rely on laptops for their daily computing needs, and thus storing most of their valuable data on one machine, creating several IT-related challenges. Examples of challenges they face are:

  • They don’t make regular backups of their laptops.
  • If they have a “corporate” file server, they don’t back that up either.
  • They can’t remotely access their file server.
  • If they do have remote access to their file server, typically their small business network is not configured in a very secure way.

When I talk to friends and colleagues who operate small businesses, they all seem to have the same problem. They don’t have the knowledge and/or time to set up a good network and computing environment for themselves and their company. They can’t buying expensive and proprietary hardware and software to solve these problems. And, on top of that, they can’t afford hiring a consultant to implement all these things for them.

In order to see if I could solve at least part of the dilemma, for the last few months I’ve been looking for a Virtual Private Network (VPN) solution that meets the following five requirements:

  1. Inexpensive
  2. Simple
  3. Reliable
  4. Scalable
  5. OS independent

Well, there’s a sixth requirement, secure, but that’s a given. There are countless VPN solutions on the market and many good ones. But, they typically only meet three or four of the five requirements I have defined as necessary to solve the problem.

So, for the past few months I’ve been doing a lot of research on VPNs. IPSec and PPTP VPNs keep on popping up all the time as the core offerings of the large, well-known firms providing VPN products. Fairly recently many of the established firms have also started offering SSL VPN solutions. No matter what protocols are used, for the most part, what they have to offer is technically sound from a reliability and scalability perspective. And there’s certainly no reason to doubt that these products meet the security requirements expected from a VPN. However, most of the solutions are not:

  • inexpensive (at least not in the eyes of the small companies I’m talking about),
  • simple enough to install and configure for the lay person with almost no networking and security knowledge, and
  • they are not OS independent.

Why is OS independence so important? Well, maybe it’s not … yet. However, more and more people I know and talk to, especially in small companies, are getting Mac OS computers; an operating system largely ignored by most VPN product vendors. So, therefore, I believe OS independence is becoming more and more important. Because of that belief I set my mind on finding a solution that will work for nearly all situations, and not just for Windows users. (I mostly work on Macs myself, so that’s a big driver too.)

After a lot of searching, reading, and testing I found OpenVPN founded by James Yonan. As the name suggests, OpenVPN is an open source product and is therefore free to use and distribute. OpenVPN is a so-called SSL VPN, using Secure Socket Layer (SSL) to to encrypt all traffic. SSL is the same security technology used on e-commerce websites and what banks use for Internet banking. Furthermore, OpenVPN is compatible with a large range of operating systems, including Windows, Mac, and Linux. It is also very scalable and is being actively used in large installations all over the world. Scalability of course depends on the horsepower of the computer hardware on which it is installed, but for a small company, a simple computer, which may otherwise not be fit for today’s computing needs, can be reused to handle many simultaneous VPN connections. That pretty much covers four out of my five requirements. So, what about simplicity? Well, to be quite honest, OpenVPN is not that simple for the average person with limited computing, networking, and security skills. But neither are the big “brand name” vendors’ solutions. Because it does meet all the other requirements, I believe it’s the best fit out there for small businesses.

For a small business that wants to significantly improve its computing environment, I think it’s affordable and worthwhile to hire a good network/security consultant to deploy a VPN. Once installed, OpenVPN is extremely easy to use and it work really well. Obviously, to resolve all the issues around backup, etc, mentioned above, simply installing a VPN won’t solve all that in one swoop, but it does go a long way towards creating a better environment for the “road warrior” and it does open up the doors to a nice and cost effective setup for centralized file storage, management, and backups.

Leave a Reply